SANS Digital Forensics and Incident Response Blog: Author - Rob Lee

APT Memory and Malware Challenge Solution

APT Memory & Malware Challenge Answers: The memory image contains real APT malware launched against a test system. Your job? Find it. The object of our challenge is simple: Download the memory image and attempt to answer the 5 questions. To successfully submit for the contest, all answers must be attempted. Each person that correctly …


Get a MacBook Air, Toshiba Satellite Ultrabook, or an $850 discount with most #DFIR Online courses

Through Jan 23, 2014, you can receive an 11" 128GB MacBook Air (just-announced newest model), Toshiba Satellite E45T-AST2N01 Ultrabook Convertible, or an $850 discount when you register and pay for a qualifying* vLive or OnDemand course! To take advantage of this offer, enter one of the following discount codes at checkout: MacBook Air: MACB13; $850 Discount: 850B13; Toshiba Ultrabook: PCB13. Qualifying OnDemand courses include: FOR408: …


Windows Memory Analysis In-Depth - Discount Code = WINDEX = 10% Off #DFIR

Memory analysis skills are one of the most in-demand skills for digital forensics, incident response, and malware analysts today. SANS is introducing a brand new 5-day class dedicated to Windows Memory Forensics. The hands-on course, written by memory forensics pioneer Jesse Kornblum, is incredibly comprehensive and a crucial course for any investigator who is analyzing intrusions. SANS …


Java IDX Sample Files from Java Spearphishing Attack from SANS FOR508

Earlier this year, SANS created the most in-depth incident response training scenario that spans multiple systems in FOR508: Advanced Forensic Analysis and Incident Response. We discussed the entire scenario in a blog titled: "Is Anti-Virus Really Dead? A Real-World Simulation Created for Forensic Data Yields Surprising Results" One of the biggest complaints that many have …


Announcing: The 2013 SANS Digital Forensics and Incident Response Summit Agenda

http://www.sans.org/event/dfir-summit-2013

Tuesday, July 9, 2013

7:00am - 8:00am: Registration | Networking Breakfast
8:00am - 8:10am: Welcome and Introduction to the 2013 Digital Forensics and Incident Response Summit, Rob Lee & Alissa Torres - Summit Chairs, Digital Forensics and Incident Response Summit
8:10am - 9:10am: Digital Forensics …